package com.config;

import com.config.factory.JwtDecoderFactory;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.autoconfigure.AutoConfigureAfter;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity;
import org.springframework.security.config.web.server.ServerHttpSecurity;
import org.springframework.security.core.userdetails.MapReactiveUserDetailsService;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.oauth2.client.authentication.OAuth2AuthorizationCodeReactiveAuthenticationManager;
import org.springframework.security.oauth2.client.endpoint.WebClientReactiveAuthorizationCodeTokenResponseClient;
import org.springframework.security.web.server.SecurityWebFilterChain;

import java.util.ArrayList;

@Slf4j
@EnableWebFluxSecurity
@Configuration
@AutoConfigureAfter(WebClientConfigForFlux.class)
public class WebConfigForFlux {
    @Autowired
    WebClientConfigForFlux webClientConfigForFlux;


    public OAuth2AuthorizationCodeReactiveAuthenticationManager authenticationManager() {
        WebClientReactiveAuthorizationCodeTokenResponseClient webClientReactiveAuthorizationCodeTokenResponseClient = new WebClientReactiveAuthorizationCodeTokenResponseClient();
        webClientReactiveAuthorizationCodeTokenResponseClient.setWebClient(webClientConfigForFlux.oauth2ClientRestOperations());
        OAuth2AuthorizationCodeReactiveAuthenticationManager oAuth2AuthorizationCodeReactiveAuthenticationManager = new OAuth2AuthorizationCodeReactiveAuthenticationManager(webClientReactiveAuthorizationCodeTokenResponseClient);
        return oAuth2AuthorizationCodeReactiveAuthenticationManager;
    }

    @Bean
    public SecurityWebFilterChain security(ServerHttpSecurity http) {
        return http.csrf().disable()
                .authorizeExchange().pathMatchers("/webjars/**").permitAll()
                .anyExchange().authenticated()
                .and()
                .formLogin()
                .and().logout().and()
                .oauth2Login().and().
                        oauth2Client().authenticationManager(authenticationManager())
                .and()
                .build();
    }

    @Bean
    public com.config.factory.JwtDecoderFactory jwtDecoderFactory() {
        JwtDecoderFactory jwtDecoderFactory = new JwtDecoderFactory(webClientConfigForFlux.oauth2ClientRestOperations());
        return jwtDecoderFactory;
    }


    @Bean
    public MapReactiveUserDetailsService userDetailsService() {
        ArrayList<UserDetails> users = new ArrayList<>();
        users.add(User.withUsername("user").password("{bcrypt}$2a$10$Nl8zvMdhS0l22hBR.hAsNuQeMWH0.dgVRC/4.a0ny37SiI2Hbc4iW").roles("USER").build());
        users.add(User.withUsername("user1").password("{bcrypt}$2a$10$6r4WkpfuAZ/k7UnoOwtXo.QsMTO.nBz2wZKtwG63t3VcFQj1BXxqC").roles("POST").build());
        return new MapReactiveUserDetailsService(users);
    }


//    @Override
//    public void configure(WebSecurity web) throws Exception {
//        web.ignoring().antMatchers("/webjars/**");
//    }
}